When performing online file transfers using peer-to-peer file transfer protocols (e.g., such as BitTorrent™), computing devices are vulnerable to security risks associated with the content being downloaded and processed.
In the BitTorrent™ file distribution system, each file to be downloaded is divided into small information chunks called pieces or portions. These pieces are distributed amongst a number of peers, which collectively, are called a swarm. The computing device desiring to download the file may simultaneously request multiple pieces from different computers in the swarm. Upon being downloaded, these pieces may be made available for download by others in the swarm. Once all the pieces are obtained by the computing device, they can be re-assembled to form the original file or content desired.
The BitTorrent™ protocol provides for a metadata file called a torrent file (e.g., with a .torrent file extension) that contains information about the content to be downloaded. This metadata may include the file names, sizes, folder structure, and cryptographic hash values (e.g., for verifying file integrity) of the content. The torrent file is associated with the content to be downloaded, but it does not contain the content itself.
To assist the computing device initialize a connection with other computing devices in a swarm, the torrent file may include information about the network locations of trackers. Trackers are network computers that assist computing devices find each other and form efficient swarms.
To initialize participation in a swarm for downloading desired content, a computing device may first obtain the corresponding torrent file by downloading it. Then, the computing device may be configured to have a BitTorrent™ client application process the torrent file. To learn the Internet locations of peers which may be sharing pieces, the client application connects to the trackers named in the torrent file (e.g., by providing a hash of the torrent to the tracker so that the tracker can identify the torrent file). Then the client connects directly to the peers in order to request pieces participate in a swarm. The client may also report progress to trackers, to help the tracker with its peer recommendations.
There are variations to the how the BitTorrent™ protocol may operate. For example, some torrents may be considered “trackerless”. In such configurations, trackers may not be required to provide the Internet locations of peers in the swarm. Instead, peers in the swarm may be stored as information in a Distributed Hash Table (DHT), and the hash of the torrent file may be used as a key in an entry of the DHT. The torrent client application may be part of a DHT network, so it may generate a hash of the torrent file and use it as a key to look up values for Internet locations of peers in the swarm in the DHT.
In another configuration, a torrent file need not be directly downloaded and processed by the torrent client. Instead, a “magnet link” that incorporates the hash of the torrent file may be included directly into the Uniform Resource Identifier (URI) or Uniform Resource Locator (URL) that may be processed by a web browser on the computing device. Upon a magnet link being opened in the web browser, the computing device may directly open the torrent client application available thereon. Using the hash of the torrent embedded in the magnet link, the torrent client application can then access the DHT to look up the Internet locations of participants in the swarm to start downloading pieces of the desired content.
Due to the nature of peer-to-peer file sharing, computing devices requesting to download content associated with a torrent file are often unfamiliar with the party that originally seeded the content, nor the computing devices of the swarm which they are downloading the content from. This creates increased security risks that the content ultimately downloaded may be malicious or harmful. There is thus a need for improved systems and methods for harmful file rating and screening in online file transfers.